<%@page import="java.util.ArrayList"%>
<%@page import="java.sql.SQLException"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.DriverManager"%>
<%@page import="java.sql.Connection"%>
<%@page import="java.util.Hashtable"%>
<%@page import="com.java.FamTree.*"%>

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
    
  <%
	// Check to see if we're logged in.
	if (session.getAttribute("UserId") == null) {
	    response.sendRedirect("index.jsp"); // Send them away if they're not logged in.
	}

	//Check if user is admin
	if ((Boolean)session.getAttribute("IsAdmin") == false) {
	    response.sendRedirect("Home.jsp"); // Send back to home
	}
	
	int userId = -1;
	try {
	   userId = Integer.parseInt(request.getParameter("UserId"));
	} catch (NumberFormatException ex) {
	    userId = -1;
	}

	if(userId == -1) {
	    response.sendError(400, "Invalid UserId");
	}
	
	int personId = -1;
	try {
	   personId = Integer.parseInt(request.getParameter("PersonId"));
	} catch (NumberFormatException ex) {
	    personId = -1;
	}
	
	ArrayList<Integer> PermissionFields = new ArrayList<Integer>();
	//if id is not -1 then we were provided a person so we need to grab the permissions this user has for them
	if(personId > -1){
		Connection con = null;
		try {
		    con = DriverManager.getConnection("jdbc:mysql://webdev.cs.uwosh.edu:4381/severa24", "severa24", "d450224");
		    PreparedStatement selectFields = con.prepareStatement("SELECT FieldId, LastEditDate FROM Field Where Person = ? AND UserId = ?");

		    selectFields.setInt(1, personId);
		    selectFields.setInt(2, userId);
		    
		    ResultSet rst = selectFields.executeQuery();

		    while(rst.next()) {
		    	PermissionFields.add(rst.getInt(1));
		    }
		} catch (SQLException ex) { 
		    System.err.println(ex); 
		} finally {
		    if (con != null ) {
		        try {
		            con.close();
		        } catch (SQLException ex) {
		            System.err.println(ex);
		        }
		    }
		}
	}
  %>
    
    
    
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Edit Person Permission</title>
</head>
<body>
<Div style="text-align:right;background-color:#F0F0F0;" id="TopMenuBar" >
	<%
		out.print("<span id='WelcomSpan'>Welcome " + session.getAttribute("Username") + "  </span>");
		out.print("<a href='index.jsp'><button>Logout</button></a>");
		if((Boolean)session.getAttribute("IsAdmin")){
			out.print("<a href='Admin.jsp'><button>Admin</button></a>");
		}
	%>
</Div>
	<br/>
	<div style="text-align:center">What fields would you like to give permission to:</div>
	<br/>
	<br/>
	<form name="MyForm" method=post action="${pageContext.request.contextPath}/UpdatePermissions.jsp">
		<input type="text" name="userId" value='<% out.print(userId); %>' style="display:none"/>
		<input type="text" name="personId" value="<% out.print(personId); %>" style="display:none"/>
		<table align="center">
		<tr>
			<td>Bio:<td/>
			<td><input type="checkbox" <% String stm = PermissionFields.contains(7) ? "checked='checked'" : ""; out.print(stm); %> name="Bio"/><td/>
		</tr>
		<tr>
			<td>Birth Date:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(8) ? "checked='checked'" : ""; out.print(stm); %> name="BirthDate"/><td/>
		</tr>
		<tr>
			<td>Birth Place:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(9) ? "checked='checked'" : ""; out.print(stm); %> name="BirthPlace"/><td/>
		</tr>
		<tr>
			<td>Name:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(10) ? "checked='checked'" : ""; out.print(stm); %> name="Name"/><td/>
		</tr>
		<tr>
			<td>Gender<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(11) ? "checked='checked'" : ""; out.print(stm); %> name="Gender"/><td/>
		</tr>
		<tr>
			<td>Last Known Address:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(12) ? "checked='checked'" : ""; out.print(stm); %> name="LastKnownAddress"/><td/>
		</tr>
		<tr>
			<td>Death Date:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(13) ? "checked='checked'" : ""; out.print(stm); %> name="DeathDate"/><td/>
		</tr>
		<tr>
			<td>Death Place:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(14) ? "checked='checked'" : ""; out.print(stm); %> name="DeathPlace"/><td/>
		</tr>
		<tr style="display:none">
			<td>Children:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(15) ? "checked='checked'" : ""; out.print(stm); %> name="Children"/><td/>
		</tr>
		<tr style="display:none">
			<td>Events:<td/>
			<td><input type="checkbox" <% stm = PermissionFields.contains(16) ? "checked='checked'" : ""; out.print(stm); %> name="Events"/><td/>
		</tr>
		</table>
		<div style="text-align:center">
			<button class="submit" type="submit" name="sub" value="Save Permissions">Save Permissions</button>
		</div>
	</form>
	<div style="text-align:center">
		<a href="<% out.print("EditUserPermission.jsp?UserId=" + userId); %>"><button>Back</button></a>
	</div>
</body>
</html>